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To tap or not to tap 

Denning, Dorothy E 
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WORD COUNT: 6959 

...TEXT: with unjustifiable and unnecessary costs, and ultimately fail to 
meet the stated objectives if criminals encrypt their communications. 

This article presents the case for the proposed digital telephony 
legislation and responds to the preceding concerns. Although the digital 
telephony proposal does not address encryption , the possibility of 
regulating cryptography will be discussed following the section on the 
proposed legislation. .. isolated anyway so that it can be routed to its 
correct destination (for interception, a duplicate copy of the bit stream 
can be routed to a remote government monitoring facility) . But whereas 
this modification would be relatively straightforward for the service 
providers . . . CRYPTOGRAPHY 

It is now possible to purchase at reasonable cost a telephone security 
device that encrypts communications and to acquire software that 
encrypts data transmitted over computer networks. Even if law enforcement 
retains its capability to intercept communications, this capability 
ultimately could be diminished if criminals begin to hide their 
communications through encryption and law enforcement is unable to obtain 
access to the "plaintext " or unscrambled communications. If encryption 
becomes cheap and ubiquitous, this could pose a serious threat to effective 
law enforcement and hence to the public's safety. 

The digital telephony proposal does not address encryption , leaving open 
the question of how best to deal with it. Currently, the use of... 

...it is not obvious that most individuals and organizations would either 
need or demand strong encryption , especially since most do not use any 
form of encryption at present. However, since history shows that methods 
which are secure today may be blown... 

...a dependable long-term solution. 

ESCROWED PRIVATE KEYS. Ron Rivest has proposed using high-security 
encryption with "escrowed secret keys" 8!. Each user would be required to 
register his or her... 

...two trustees could be used, and the keys could be stored with the first 
trustee encrypted under a key known only to the second. Alternatively, 
using Silvio Micali's "fair public... 

...changing keys that belong to individuals and organizations and for 
gaining access to the transient " session keys " that are used to 
encrypt actual communications. Key registration might be incorporated into 
the sale and licensing of cryptographic products. To facilitate law 
enforcement's access to session keys , the protocols used to distribute 
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or negotiate session keys during the start of a communications could be 
standardized. Once law enforcement has acquired the private keys on a given 
line, they would then be able to acquire the session keys by 
intercepting the key initialization protocol. 

One drawback to this approach is the overhead and bureaucracy associated 
with key. . . 

...as the RSA public-key cryptosystem fit this description, others do not. 

DIRECT ACCESS TO SESSION KEYS . Ultimately a session key is needed 
to decrypt a communications stream, and this approach would give the 
service provider direct access to the session key when an intercept has 
been established in response to a court order. The service provider can 
then make the session key available to law enforcement along with the 
communications stream. 

One way of making the session key available to the provider is for the 
provider to participate in the protocol used to. . . 

...extension of the Dif f ie-Hellman public-key distribution protocol could 
be used to establish a session key that would be known only to the two 
communicants and the service provider: Each party. . . 

...pass it to the right. Finally, using the received value of z, they 
compute the shared session key k = z sup x mod p, which will be the 
value g raised to all... the government, under all circumstances, and that 
requiring people to make the plaintext of their encrypted communications 
available to the government directly or indirectly would be tantamount to 
forbidding them from. . . 

...with a warrant was permitted, law enforcement was empowered to intercept 
communications, whether they were encrypted or not. Now that encryption 
is becoming an issue, it would seem appropriate for Congress to set an 
encryption policy. 

Viewed narrowly, cryptography offers the possibility for absolute 
communications protection or privacy that is... 

...communications of a Pentagon employee. Thus, corporate security is not 
necessarily best served by an encryption system that offers absolute 
secrecy to its employees. 

COMPETITIVENESS 

Some people have argued that regulating... 

...U.S. products overseas. No other country would want to buy products 
based on weak encryption algorithms or with built-in mechanisms for. 
registering private keys or making session keys available to the 
service providers. 

As with the basic intercept capability issue, it is not... 

...an absolute privacy beyond that of law-abiding citizens. This is 
typically expressed as "if encryption is outlawed, only outlaws will have 
encryption ." Because products are being designed, sold, and given away in 
the absence of any regulation... 

...device such as a secure phone or security device attached to a standard 
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phone that encrypts communications transmitted between phones (or fax 
machines), or it can be embedded in software packages or modules that run 
on computers and encrypt the communications transmitted over computer 
networks. It seems easier to regulate and control telephone encryption 
devices than software. For example, if an approach based on escrowed keys 
is adopted, then. . . 

...key with a trustee on-line. Similarly, if an approach based on direct 
access to session keys is adopted, a suitable key negotiation 
protocol could be built into the products. Although criminals could develop 
their own noncompliantof f-the-shelf products rather than developing their 
own. 

Software encryption , performed on personal computers or servers, could be 
much more difficult to regulate, especially since... 

...or conversations. Thus, it would be a mistake to make the difficulty of 
controlling software encryption an excuse for not regulating 
cryptography. 

Although it would be practically impossible to prevent the... 
...cryptography regulation and to not expend resources enforcing it for its 
own sake. 

If private encryption is allowed to proceed without some reasonable 
accommodation, it will logically lead to situations in. . . 

. . .may be somewhat cumbersome and subject to evasion, we should give it 
full consideration. Regulated encryption would provide considerably 
greater security and privacy than no encryption , which has been the norm 
for most personal and corporate communications. We must balance our... 
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Simplifying secure remote access: SSL VPNs. 

Piscitello, David M. ; Phifer, Lisa 
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April, 2003 

ISSN: 0162-3885 LANGUAGE : English RECORD TYPE: Fulltext 

WORD COUNT: 4204 LINE COUNT: 00360 

objectives are accomplished by establishing a TCP session, and then 
authenticating the server 1 s certificate, encrypting encapsulated HTTP 
with a cipher like RC4 and applying a hashed message authentication code 
like ... destination server without interpretation. This lets the appliance 
focus on security — enforcing access controls, accelerating encryption 
— without becoming application-dependent. But each destination server and 
application must then provide a Web ... between the Internet and an 
organization's trusted networks. It processes client-authenticated and SSL- 
encrypted requests according to customer defined access control and 
authorization ...widely used native protocols, organizations don't have to 
webify every application, which eliminates considerable duplication on 
their part . " 



27-Apr-06 



page 4 



* Whale Communications: Whale Communications 1 e-Gap Remote Access 
appliance handles Lotus Suite, Microsoft Outlook and network file-sharing 
applications. Special, optimized subsystems ... network-level attacks, the 
public server strips arriving message TCP/IP headers. Only the SSL- 
encrypted payload is forwarded across the air gap, so attackers have no 
exploitable network path to... ability to support your company 1 s security 
policy. Most IPSec clients default to 3DES block encryption , but also 
support weaker alternatives like 56-bit DES . Browsers often default to 40- 
or 128-bit RC4 stream encryption , but SSL is perfectly capable of 
supporting 3DES CBC. The Advanced Encryption Standard (AES) is now being 
implemented for both protocols. Given comparable key lengths, block 
encryption is less vulnerable than stream encryption . Otherwise, both 
IPSec and SSL negotiate per- session keys , and both use cryptography to 
prevent eavesdropping and forgery. IPSec with mutual certificate 
authentication is... 
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Dorothy E. Denning. (To Tap or Not to Tap) 
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. . .ABSTRACT: in criminal investigations, it is unlikely that they will do 
so. The issue of electronic encryption , while not addressed specifically 
by the DOJ, is an important issue to consider. It may be beneficial to 
public interests to enact federal regulation governing encryption 
technologies. 

... with unjustifiable and unnecessary costs, and ultimately fail to 

meet the stated objectives if criminals encrypt their communications. 

This article presents the case for the proposed digital telephony 
legislation and responds to the preceding concerns. Although the digital 
telephony proposal does not address encryption , the possibility of 
regulating cryptography will be discussed following the section on the 
proposed legislationanyway so that it can be routed to its correct 
destination (for interception, a duplicate copy of the bit stream can be 
routed to a remote government monitoring facility) . But whereas this 
modification would be relatively straightforward for the service providers 
. . .Cryptography 

It is now possible to purchase at reasonable cost a telephone 
security device that encrypts communications and to acquire software that 
encrypts data transmitted over computer networks. Even if law enforcement 
retains its capability to intercept communications, this capability 
ultimately could be disminished if criminals begin to hide their 
communications through encryption and law enforcement is unable to obtain 
access to the "plaintext" or unscrambled communications. If encryption 
becomes cheap and ubiquitous, this could pose a serious threat to effective 
law enforcement and hence to the public's safety. 

The digital telephony proposal does not address encryption , leaving 
open the question of how best to deal with it. Currently, the use of. . . 

...it is not obvious that most individuals and organizations would either 
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need or demand strong encryption , especially since most do not use any 
form of encryption at present. However, since history shows that methods 
which are secure today may be blown. . . 

...a dependable long-term solution. 

Escrowed Private Keys. Ron Rivest has proposed using high-security 
encryption with "escrowed secret keys" [8]. Each user would be required to 
register his or her... two trustees could be used, and the keys could be 
stored with the first trustee encrypted under a key known only to the 
second. Alternatively, using Silvio Micali f s "fair public... 

...changing keys that belong to individuals and organizations and for 
gaining access to the transient " session keys " that are used to 
encrypt actual communications. Key registration might be incorporated into 
the sale and licensing of cryptographic products. To facilitate law 
enforcement's access to session keys , the protocols used to distribute 
or negotiate session keys during the start of a communications could be 
standardized. Once law enforcement has acquired the private keys on a given 
line, they would then be able to acquire the session keys by 
intercepting the key initialization protocol. 

One drawback to this approach is the overhead and bureaucracy 
associated with key. . . 

...as the RSA public-key cryptosystem fit this description, others do not. 

Direct Access to Session Keys . Ultimately a session key is 
needed to decrypt a communications stream, and this approach would give the 
service provider direct access to the session key when an intercept has 
been established in response to a court order. The service provider can 
then make the session key available to law enforcement along with the 
communications stream. 

One way of making the session key available to the provider is 
for the provider to participate in the protocol used to... 

...extension of the Dif f ie-Hellman public-key distribution protocol could 
be used to establish a session key that would be known only to the two 
communicants and the service provider: Each party... 

. . .pass it to the right. Finally, using the received value of z, they 
compute the shared session key k = [z.sup.x] mod p, which will be the 
value g raised to all... 

...the government, under all circumstances, and that requiring people to 
make the plaintext of their encrypted communications available to the 
government directly or indirectly would be tantamount to forbidding them 
from. . . 

. . .with a warrant was permitted, law enforcement was empowered to intercept 
communications, whether they were encrypted or not. Now that encryption 
is becoming an issue, it would seem appropriate for Congress to set an 
encryption policy. 

Viewed narrowly, cryptography offers the possibility for absolute 
communications protection or privacy that is ... communications of a Pentagon 
employee. Thus, corporate security is not necessarily best served by an 
encryption system that offers absolute secrecy to its employees. 

Competitiveness 

Some people have argued that regulating... 
...U.S. products overseas. No other country would want to buy products 
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based on weak encryption algorithms or with built-in mechanisms for 
registering private keys or making session keys available to the 
service providers. 

As with the basic intercept capability issue, it is not. . . 

...an absolute privacy beyond that of law-abiding citizens. This is 
typically expressed as "if encryption is outlawed." only outlaws will 
have encryption . " Because products are being designed, sold, and given 
away in the absence of any regulation. . . 

. . .device such as a secure phone or security device attached to a standard 
phone that encrypts communications transmitted between phones (or fax 
machines), or it can be embedded in software packages or modules that run 
on computers and encrypt the communications transmitted over computer 
networks. It seems easier to regulate and control telephone encryption 
devices than software. For example, if an approach based on escrowed keys 
is adopted, then... 

...new key with a trustee online. Similarly, if an approach based on direct 
access to session keys is adopted, a suitable key negotiation 
protocol could be built into the products. Although criminals could develop 
their own noncompliant . . . 

. . .most criminals would use commercial off-the-shelf products rather than 
developing their own. 

Software encryption , performed on personal computers or servers, 
could be much more difficult to regulate, especially since... 

...or conversations. Thus, it would be a mistake to make the difficulty of 
controlling software encryption an excuse for not regulating 
cryptography. 

Although it would be practically impossible to prevent the... 

...cryptography regulation and to not expend resources enforcing it for its 
own sake. 

If private encryption is allowed to proceed without some reasonable 
accomodation, it will logically lead to situations in... may be somewhat 
cumbersome and subject to evasion, we should give it full consideration. 
Regulated encryption would provide considerably greater security and 
privacy than no encryption , which has been the norm for most personal and 
corporate communications. We must balance our... 
9 
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